Insider corporate data theft and malware infections among biggest threat to digital business in 2016: Accenture

PUNE: Insider data theft and malware attacks top the list of the biggest concerns for enterprise security executives,as per a new report by Accenture and HfS Research. According to the State of Cybersecurity and Digital Trust 2016 survey, 69% of the respondents experienced an attempted or successful theft or corruption of data by insiders during the last 12 months, with media and technology organizations reporting the highest rate (77%). The survey was carried out across over 200 C-level security and IT professionals across different geographies and sectors. This insider risk will continue to be an issue, with security professionals' concerns over insider theft of corporate information alone rising by nearly two-thirds over the coming 12 to 18 months. Additionally, the research showed that a budget shortage for hiring cybersecurity talent and well-trained employees was hindering the ability of organizations to properly defend themselves against these attacks. The survey findings indicate that there are significant gaps between talent supply and demand, a disconnect between security teams and management expectations, and considerable disparity between budget needs and actual budget realities. "Our research paints a sobering picture. Security leaders believe threats are not going away, in fact they expect them to increase and hinder their ability to safeguard critical data and establish digital trust," said Kelly Bissell, senior managing director, Accenture Security. "While organizations want to invest in advanced cyber technologies, they simply don't have enough budget to recruit or train skilled people to use that technology effectively. To better manage this security problem, businesses will need to work in tandem with the extended enterprise ecosystem - business units, partners, providers and end users - to create an environment of digital trust." The report identified five significant gaps disrupting the ability of enterprises to effectively prevent or mitigate well-organized and targeted cyber-attacks, including: * Talent: Thirty-one percent list either lack of training or staffing budget as their single biggest inhibitor to combating attacks * Technology: Firewalls and encryption top the list of the most important technologies to combat cyber threats, but the largest increase in deployments anticipated in the next 12 to 18 months are in the areas of cognitive computing and AI and data anonymization * Parity: An enterprise is only as secure as its least secure partner, yet only 35-57 percent of all enterprises said they assess ecosystem partners for cyber integrity and preparedness, with BPO partners being the least vetted and credit partners being the most vetted * Budget: Seventy percent cite a lack of, or inadequate, funding for either cybersecurity technology or security talent, including training * Management: While 54 percent of respondents agree or strongly agree that cybersecurity is an enabler of digital trust for consumers, 36 percent believe that their executive management considers cybersecurity an unnecessary cost.

Related

DELHI: While many banks trust their cybersecurity strategy, nearly a third of all cyber attacks are successful, according to a report by Accenture. The report, 'Building Confidence: Solving Banking's Cybersecurity Conundrum', is based on a global survey of 275 senior security executives across the banking and capital markets sectors.

MUMBAI: India witnessed a significant increase in frauds with 89% of executives reporting that their companies were victim to at least one instance of fraud over the past 12 months, up from 68% in 2016, the Kroll Annual Fraud and Risk Report has revealed.Fraud, cyber, and security risks are at an all-time high, according to the senior corporate executives surveyed worldwide for the 2017/18 report.

As businesses spend billions of dollars a year trying to protect their data from hacking that's costing trillions, they face another threat closer to home: data theft by their own employees. That's one of the findings in a survey published by management consultant Accenture and HfS Research on Monday. Of 208 organisations surveyed, 69% "experienced an attempted or realised data theft or corruption by corporate insiders" over the past 12 months, the survey found, compared to 57% that experienced similar risks from external sources.

OTTAWA — Chinese hackers used tempting emails, malware and password theft to worm their way into National Research Council computers in pursuit of valuable scientific and trade secrets, a newly released federal analysis reveals.
The attack, which prompted a shutdown of the government research council’s computer network in July, relied on textbook moves commonly seen in state-sponsored digital assaults, says the case study by the Canadian Cyber Incident Response Centre.

LAS VEGAS: As enterprises the world over scout for next-generation cyber security architecture to mitigate attacks, the Indian systems integrator (SI) community is helping major companies embrace state-of-the-art security structures, Chris Young, Chief Executive Officer of McAfee, has said. "A lot of companies in India are trusted providers of cyber security solutions to firms around the world. Indian companies have the same challenge and opportunity as other companies.

MUMBAI: A spate of recent ransomware attacks such as WannaCry and Petya has led corporate India scrambling to hire cyber-security experts to protect their IT systems. Demand for graduates specialising in cyber security has shot up to an alltime high, and universities and educational institutes are introducing these programmes to cater to the growing requirements. Students from the 2017 batch of the Gujarat Forensic Sciences University in Gandhinagar with degrees such as M. Tech in Cyber Security & Incident Response and M.Sc.

New Government statistics have revealed half of UK businesses suffered a cyber security breach or attack in the last 12 months; rising to two-thirds among medium sized businesses and large businesses.
In fact, the ‘Cyber Security Breaches Survey, 2017’ has claimed nearly 7 in 10 businesses have identified a breach on some level. Firms holding personal data are more likely to face an attack, compared to 37 per cent of businesses who do not hold personal data.

This will end very badly. According to The Economist, American companies have bought over $500 billion worth of their own stock in the last 12 months. We haven’t seen this kind of pace in share repurchases since 2007. We all remember what followed soon after this buyback craze. Indeed, one could easily argue that the buyback craze helped create the bubble in stocks in 2007. Today, what’s particularly disturbing is the fact that many corporations are issuing debt to do this.

1. The Cloud Is Not Immune
An old quote attributable to bank robber Willie Sutton is that he robs banks because that’s where the money is. So it goes for data. As more data migrates to the cloud, targeting that data will increase.